When should security first be addressed in a project?

seenagapeAugust 4, 2012

A.
During requirements development

B.
During integration testing

C.
During design specifications

D.
During implementation

Explanation:
A: The trick to this question, and any one like it, is that security should be implemented at the first possible phase of a project. Requirements are gathered and developed at the beginning of a project, which is project initiation. The other answers are steps that follow this phase, and security should be integrated right off the bat instead of in the middle or at the end.

2 Comments on “When should security first be addressed in a project?”

joe says:

March 10, 2016 at 5:49 pm

The trick to this question, and any one like it, is that security should be implemented at the first possible phase of a project.

0

0

Log in to Reply
IT Auditor says:

April 11, 2017 at 9:19 pm

Disagree with your above answer A. Reason? Requirements definition or development is only a phase were you collect the information needed to make up the system. For example, identify the input data to interfaces and values they output, etc. In this phase you still have not architected the system. As such, design and architecture is the first opportunity to address or implement or provision the security concerns. The correct answer is C.

The question however is tweaked to confuse the audience by using the word “addressed”. It’s not the same as define. It should be interpreted as implement.

0

0

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

When should security first be addressed in a project?

2 Comments on “When should security first be addressed in a project?”

Leave a Reply Cancel reply